In Swift I'm using unzip
by launching a Process
to unzip a file.
I added a launchRequirement
to the process in order to make sure the executable is code signed by Apple and the identifier is com.apple.unzip
. After testing out my code on another machines (both physical and virtual), I found out that in some the identifier is actually com.apple.zipinfo
, which broke the SigningIdentifier
requirement.
It's safe to assume that /usr/bin/unzip
can be trusted since it's in a System Integrity Protection (SIP) location, but I'm wondering why this executable has different identifiers?
So, in terms of what you should do, I think that a simplified LWCR makes sense here, namely to just check for a validation category of .platform
. You’re running these programs via their full path, and if someone manages to replace /usr/bin/unzip
with another program that meets the .platform
requirement, further checking is unlikely to stop them.
In terms of what Apple should do, we’re still discussing that internally. I may end up filing a bug about this, but I don’t think that’ll affect you. That is, you can follow the above advice regardless of how things pan out on the Apple side.
Share and Enjoy
—
Quinn “The Eskimo!” @ Developer Technical Support @ Apple
let myEmail = "eskimo" + "1" + "@" + "apple.com"